Threat hunting can reduce malware dwell time, the time between its discovery and a data breach.
Shortening that cycle can make all the difference. Potentially spending just a few hours of remediation compared to going out of business due to a full-on compromise.
Proactive Threat Hunting requires toolsets and technology beyond what normal Security Operations maintain to perform their day-to-day threat monitoring and triage activities.
ThreatWatch® Hunt integrates hunting toolsets and methods with Security On-Demand’s proprietary correlation and behavioral analysis capabilities, such as machine learning-based artificial intelligence and supervised learning models that use behavioral analysis of attack patterns. As part of the service, SOD will:
Once an alert for a potential threat is received, the data is correlated with other security information and then our SOC team will respond to further triage and investigate the suspicious activity.
The ThreatWatch Hunt service conducts periodic scheduled scans of network devices. Implants and threats discovered during a sweep initiate an alert to the ATLAS Analytics Platform.
Companies that identified a breach in less than 100 days saved more than $1 million as compared to those that took more than 100 days. Similarly, companies that contained a breach in less than 30 days saved over $1 million as compared to those that took more than 30 days to resolve. (IBM 2018 Cost of Data Breach study)